需要修复电脑?
聘请专家
Virus:EXP/CVE-2011-3402.B
Date discovered:05/12/2012
Type:Exploit
In the wild:No
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low
Static file:No
File size:~ 4.201 Bytes
VDF version:7.11.52.188 - Wednesday, December 5, 2012
IVDF version:7.11.52.188 - Wednesday, December 5, 2012

 General Aliases:
   •  Symantec: Trojan.Gen.2
   •  Kaspersky: Exploit.Win32.CVE-2011-3402.b
   •  Sophos: Troj/DexFont-A


Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Can be used to execute malicious code
   • Makes use of software vulnerability
      •  CVE-2011-3402

 Special detection CVE-2011-3402

Description:
The exploit EXP/CVE-2011-3402 is targeting the True-Type-Font parsing engine which is run in kernel-mode. This fact makes this exploit very dangerous as an attacker can gain system level privileges.

An exploit gives the attacker the ability to install programs/drivers, view, change, or delete data or he could create new accounts with full user rights.

In an e-mail scenario the exploit needs user interaction (for instance by opening a malicious word document) to get executed. The discovered exploit comes in the form of a Microsoft word document.

Other possibilities may include using embedded TTF fonts in other types of files such as PDF.

说明添加者: Martin Muench 打开 2012年12月30日星期日
说明更新者: Martin Muench 打开 2012年12月30日星期日

反馈 . . . .

© 2013 Avira Operations GmbH & Co. KG. 保留所有权利.

我的帐户

https:// 为了你的安全,此窗口已加密。